Method: Google::Auth::ServiceAccountJwtHeaderCredentials#new_jwt_token

Defined in:
lib/googleauth/service_account_jwt_header.rb

#new_jwt_token(jwt_aud_uri = nil, options = {}) ⇒ Object

Creates a jwt uri token.

[View source]

135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'lib/googleauth/service_account_jwt_header.rb', line 135

def new_jwt_token jwt_aud_uri = nil, options = {}
  now = Time.new
  skew = options[:skew] || 60
  assertion = {
    "iss" => @issuer,
    "sub" => @issuer,
    "exp" => (now + EXPIRY).to_i,
    "iat" => (now - skew).to_i
  }

  jwt_aud_uri = nil if @scope

  assertion["scope"] = Array(@scope).join " " if @scope
  assertion["aud"] = jwt_aud_uri if jwt_aud_uri

  logger&.debug do
    Google::Logging::Message.from message: "JWT assertion: #{assertion}"
  end

  JWT.encode assertion, @signing_key, SIGNING_ALGORITHM
end